How severe is CVE-2019-1184?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Is CVE-2019-1184 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Windows 10 Version 1803

CVE-2019-1184

An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher leve…

EPSS: 0.702 (99.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C.

Affected products

Microsoft Windows 10 Version 1803 — versions 10.0.0
Microsoft Windows 10 Version 1809 — versions 10.0.0
Microsoft Windows 10 Version 1903 For 32-bit Systems — versions 10.0.0
Microsoft Windows 10 Version 1903 For Arm64-based Systems — versions 10.0.0
Microsoft Windows 10 Version 1903 For X64-based Systems — versions 10.0.0
Microsoft Windows Server 2019 — versions 10.0.0
Microsoft Windows Server 2019 (Server Core Installation) — versions 10.0.0
Microsoft Windows Server, Version 1803 (Server Core Installation) — versions 10.0.0
Microsoft Windows Server, Version 1903 (Server Core Installation) — versions 10.0.0

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1184 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-1184?: CVE-2019-1184 is a medium-severity vulnerability in Microsoft Windows 10 Version 1803. CVSS score: 6.7/10. Published 2019-08-14.
How severe is CVE-2019-1184?: Medium severity. CVSS v3 base score is 6.7 out of 10.
Is CVE-2019-1184 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.